CVE-2020-11068 MEDIUM

CVE-2020-11068: Potential Buffer Overflow in LoRaMac-node

Vendor Lora
Product LoRaMac-node
Weakness CWE-120
Published June 23, 2020
Last update August 4, 2024

CVSS base score

5.0/10
Attack vector Network
Attack complexity High
Privileges required Low
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

What the vulnerability does

01Description

In LoRaMac-node before 4.4.4, a reception buffer overflow can happen due to the received buffer size not being checked. This has been fixed in 4.4.4.

Key dates

02Disclosure timeline

June 23, 2020 CVE published
August 4, 2024 Record updated